Merge ~alexmurray/ubuntu-cve-tracker:check-cves-hint-from-srcpkg-homepage-and-ref-urls into ubuntu-cve-tracker:master
Proposed by
Alex Murray
Status: | Needs review |
---|---|
Proposed branch: | ~alexmurray/ubuntu-cve-tracker:check-cves-hint-from-srcpkg-homepage-and-ref-urls |
Merge into: | ubuntu-cve-tracker:master |
Diff against target: |
73 lines (+28/-1) 2 files modified
scripts/check-cves (+24/-1) scripts/source_map.py (+4/-0) |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Ubuntu Security Team | Pending | ||
Review via email: mp+464163@code.launchpad.net |
Description of the change
scripts/check-cves: try match CVE references against package homepages
Parse and store the Homepage field in source_map and then try and match these
URLs against any we see in the references for a CVE to hint that the package is
likely affected.
To post a comment you must log in.
Unmerged commits
- 5c6cf4f... by Alex Murray
-
unit-tests:0 (build) check-cves:0 (build) 1 → 2 of 2 results First • Previous • Next • Last
Not sure if the grep-aptavail shell command is a hack or whether we should try and integrate this into source_map and look it up from there - thoughts?